<?php
/**
 * 后台用户模型。
 *
 * @author    Fairyin <fairyin@126.com>
 * @copyright © 2016 www.imcn.vip
 * @version   v1.0
 */

namespace App\Http\Model;

use Config;
use Response;
use Illuminate\Database\Eloquent\Model;

class User extends Model
{
    /**
     * 表名。
     * @var string
     */
    protected $table = 'vip_users';
    
    /**
     * 主键。
     * @var int
     */
    protected $primaryKey = 'uid';
    
    /**
     * 表明模型是否应该被打上时间戳
     *
     * @var bool
     */
    public $timestamps = false;
    
    const STATUS_ENABLE = 'enable';
    
    /**
     * 生成密码。
     * @param  string  $pwd  原始密码
     * @return 加密后的密码。
     */
    public static function generatePassword($pwd)
    {
        $s_pwd = sha1($pwd);
        $s_salt = sha1(Config::get('auth.salt'));
        $i_first = hexdec(substr($s_pwd, 0, 1));
        $i_last = hexdec(substr($s_pwd, 39, 1));
        if ($i_first > $i_last) {
            $s_pwd = substr($s_salt, $i_last, $i_first) . $s_pwd . substr($s_salt, $i_last, $i_first);
        } elseif ($i_first < $i_last) {
            $s_pwd = substr($s_salt, $i_first, $i_last) . $s_pwd . substr($s_salt, $i_first, $i_last);
        } elseif ($i_first == $i_last) {
            $s_pwd = substr($s_salt, 0, $i_first)  . $s_pwd . substr($s_salt, $i_first, $i_last);
            if ($i_first == 0) {
                $s_pwd = $s_salt . $s_pwd . $s_salt;
            }
        }

        return sha1($s_pwd);
    }
    
    /**
     * 生成身份令牌。
     * @param  int   $lifetime   过期时间
     * @return mixed
     */
    public function generateToken($lifetime = 86400)
    {
        if ($this->status != static::STATUS_ENABLE) {
            return false;
        }
        $s_salt = Config::get('auth.salt');
        //16进制8位补齐
        $s_hash = sprintf('%08x', time() + $lifetime);
        $i_num = (int) date('d', time());
        $s_new_salt = sha1($s_salt . date('Y-m-d'));
        $s_start = substr($s_new_salt, 0, $i_num);
        $s_end = substr($s_new_salt, $i_num, 40 - $i_num);
        $_str = sha1($s_salt . time() . $s_salt);
        $s_token = substr($_str, 0, 20)
            . sha1($s_start . md5($this->uid) . sha1($s_salt) . sha1($this->password) . $s_end)
            . $this->uid . $s_hash . substr($_str, 20, 20);

        return $s_token;
    }
    
    /**
     * 身份令牌解析和判断是否有效。
     * @param  string  $token 身份令牌
     * @return mixed
     */
    public static function checkToken($token)
    {
        if ($token == null) {
            return false;
        }
        $s_hash = substr($token, 20);
        $s_hash = substr($s_hash, 0, strlen($s_hash) - 20);
        $s_pwd = substr($s_hash, 0, 40);
        $s_main = substr($s_hash, 40);
        $id = substr($s_main, 0, strlen($s_main) - 8);
        $s_time = substr($s_main, strlen($s_main) - 8, 8);
        $i_express_time = hexdec($s_time);
        if ($i_express_time < time()) {
            return false;
        }
        $o_user = User::find($id);
        if (!$o_user) {
            return false;
        }
        $s_salt = Config::get('auth.salt');
        $i_num = (int) date('d', time());
        $s_new_salt = sha1($s_salt . date('Y-m-d'));
        $s_start = substr($s_new_salt, 0, $i_num);
        $s_end = substr($s_new_salt, $i_num, 40 - $i_num);
        $s_now_pwd = sha1($s_start . md5($o_user->uid) . sha1($s_salt) . sha1($o_user->password) . $s_end);
        if ($s_now_pwd != $s_pwd) {
            return false;
        }
        
        return $o_user;
    }
}
